Linux
Objectives: By the end of this topic, you will be able to…
- Navigate the Linux filesystem with confidence
- Manipulate files, permissions, and processes from the terminal
- Install tools needed for other classes
- Begin writing simple scripts to automate tasks
Why use Linux in cybersecurity
Linux is the most widely used operating system among cybersecurity professionals due to its control, flexibility, and large tool ecosystem. Kali Linux is a specialized Debian-based distribution that includes tools for pentesting, forensics, network analysis, reverse engineering, and more.
Working directly with the terminal (CLI) allows automating tasks, interacting directly with tools, and better understanding how systems work.
Filesystem structure
Linux organizes everything in a single directory hierarchy, where everything is a file, including devices and processes.
| Directory | Typical contents |
|---|---|
| / | System root |
| /home | User home directories |
| /etc | System configuration files |
| /bin | Essential system commands |
| /usr | User applications |
| /var | Variable data (logs, cache) |
| /tmp | Temporary files |
| /root | Home directory of the root user |
| /dev | Devices (disks, USB, etc.) |
| /proc | Information about processes and the kernel |
Essential navigation and manipulation commands
Navigation and exploration
pwd # Show current directory
ls # List files
cd # Change directory
File and directory manipulation
cp file destination # Copy
mv file destination # Move or rename
rm file # Delete
mkdir directory_name # Create directory
touch file.txt # Create empty file
cat file.txt # View file contents
less file.txt # View contents with pagination
Useful exploration
tree # View directory structure
file file # Detect file type
find /path -name "*.txt" # Search files by name/extension
File permissions and user management
Understanding permissions
ls -l
Typical output:
-rwxr-xr-- 1 user group 1234 jul 18 file.sh
The first 10 characters indicate type and permissions:
- r = read, w = write, x = execute
- Structure: [user][group][others]
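The mode string from the `ls -l` output above, decoded into the octal digits that `chmod` accepts (an added example, not part of the original course material). The function names and sample lines are constructed for illustration, and the code goes one step beyond the three triplets by also handling the setuid, setgid and sticky markers (`s`, `t`).

```bash
#!/bin/bash
# Added example: decode the mode field of `ls -l` (function names are illustrative).

# Convert one rwx triplet such as "r-x" to its octal digit (r=4, w=2, x=1).
triplet_to_digit() (
    d=0
    case "$1" in r??) d=$((d + 4)) ;; esac
    case "$1" in ?w?) d=$((d + 2)) ;; esac
    # s or t in the last slot means "execute plus a special bit".
    case "$1" in ??[xst]) d=$((d + 1)) ;; esac
    echo "$d"
)

# Convert a mode string such as "-rwxr-xr--" to octal ("754").
mode_to_octal() (
    mode=$1
    if [ "${#mode}" -lt 10 ]; then
        echo "expected at least 10 characters, got: $mode" >&2
        exit 1
    fi
    user=$(printf '%s' "$mode" | cut -c2-4)     # character 1 is the file type
    group=$(printf '%s' "$mode" | cut -c5-7)
    other=$(printf '%s' "$mode" | cut -c8-10)
    special=0
    case "$user"  in ??[sS]) special=$((special + 4)) ;; esac   # setuid
    case "$group" in ??[sS]) special=$((special + 2)) ;; esac   # setgid
    case "$other" in ??[tT]) special=$((special + 1)) ;; esac   # sticky
    digits="$(triplet_to_digit "$user")$(triplet_to_digit "$group")$(triplet_to_digit "$other")"
    if [ "$special" -ne 0 ]; then digits="$special$digits"; fi
    echo "$digits"
)

# Report what "others" (accounts that are neither the owner nor in the group) can do.
others_access() (
    oct=$(mode_to_octal "$1") || exit 1
    case "$oct" in
        *0)       echo "none" ;;
        *[2367])  echo "write" ;;            # last digit has the write bit set
        *)        echo "read-or-execute" ;;
    esac
)

# Constructed sample lines in the style of `ls -l` output.
for line in "-rwxr-xr-- 1 user group 1234 jul 18 file.sh" \
            "-rw------- 1 user group  411 jul 18 id_key" \
            "-rw-rw-rw- 1 user group   80 jul 18 notes.txt"; do
    mode=${line%% *}                         # first field is the mode string
    printf '%s -> %s (others: %s)\n' "$mode" "$(mode_to_octal "$mode")" "$(others_access "$mode")"
done
```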
Permission and user commands
chmod 755 file.sh # Change permissions (rwxr-xr-x)
chown user:group file # Change owner
whoami # Show current user
sudo command # Execute with elevated privileges
Processes and services
Process monitoring
ps aux # View all processes
top # Dynamic view
htop # Dynamic view (htop must be installed)
kill PID # Terminate a process
Services (systemd)
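systemctl status service_name # Show service status
systemctl start service_name # Start the service
systemctl stop service_name # Stop the service
systemctl restart service_name # Restart the service
Package installation and using man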
Package management
sudo apt update # Update package list
sudo apt install name # Install a package
sudo apt remove name # Remove a package
Kali Linux already includes many cybersecurity tools, but you can install others as needed.
Getting help
man command # Full manual
command --help # Quick help
Basic Bash scripting concepts
Scripts allow automating tasks using command-line tools.
Minimal structure:
#!/bin/bash
echo "Hello, World"
Useful commands in scripts: if, then, else, for, while, read, $(command)
Simple example:
#!/bin/bash
echo "What is your name?"
read -r name # -r keeps backslashes in the input literal
echo "Hello, $name"
Allow execution:
chmod +x script.sh
./script.sh
Hands-on lab
Requirements: Kali Linux
Part 1: System exploration
- Navigate from / to /etc, /var, and /home. Identify the purpose of each
- Read the contents of /etc/passwd and answer:
  - What type of information does it contain?
  - What is the difference between this file and /etc/shadow?
- Verify the permissions of /etc/shadow with ls -l and explain why it cannot be read as a normal user
- Review logs:
less /var/log/boot.log
less /var/log/dpkg.log
Part 2: Files and permissions
- Create a working folder at ~/linux_practice
- Create three files with dummy content
- Execute and document the effects of:
cp file1.txt copy.txt
mv file2.txt renamed.txt
rm file3.txt
chmod 644 copy.txt
chmod +x renamed.txt
chown root:root copy.txt
Part 3: Processes and services
- Run top and observe the most active processes. Filter with ps aux | grep bash
- Start a program in the background and terminate it with kill
- Check the status of ssh, cron, and apache2:
systemctl status ssh
service cron status
Part 4: Package management
- Search for a package such as nmap, htop, or net-tools:
apt search nmap
- Install, verify, and uninstall a package
Part 5: Bash automation
- Create a script that:
  - Finds all .txt files in the home directory
  - Counts the lines in each file
  - Prints the result sorted by number of lines
- Add improvements: save results to a file, accept a directory as an argument
Submission
Compressed file (.zip or .tar.gz) with:
- Key screenshots
- The Bash script with comments
- Document with answers to questions and reflections
Key concepts
| Term | Definition |
|---|---|
| CLI | Command Line Interface. Text-based interface for interacting with the operating system |
| Permissions | File access control system based on read, write, and execute for user, group, and others |
| systemd | Init system and service manager used in modern Linux distributions |
| Bash | Bourne Again Shell. Default command interpreter and scripting language on most Linux distributions |
| apt | Advanced Package Tool. Package manager for Debian and its derivatives like Kali |
Test yourself
- Permissions: A file has permissions -rw-r-----. Who can read it? Who can write to it? What command would you use to make it executable only for the owner?
- Security: Why does /etc/shadow have restrictive permissions while /etc/passwd is readable by everyone? What would happen if both were readable?
- Scripting: Write a Bash script that takes an IP address as an argument and runs ping -c 3 against it, saving the result to a file named after the IP.